---
page_title: "cloudflare_custom_ssl Resource - Cloudflare"
subcategory: ""
description: |-
  Provides a Cloudflare custom SSL resource.
---

# cloudflare_custom_ssl (Resource)

Provides a Cloudflare custom SSL resource.

## Example Usage

```terraform
resource "cloudflare_custom_ssl" "example" {
  zone_id = "0da42c8d2132a9ddaf714f9e7c920711"
  custom_ssl_options {
    certificate      = "-----INSERT CERTIFICATE-----"
    private_key      = "-----INSERT PRIVATE KEY-----"
    bundle_method    = "ubiquitous"
    geo_restrictions = "us"
    type             = "legacy_custom"
  }
}
```
<!-- schema generated by tfplugindocs -->
## Schema

### Required

- `zone_id` (String) The zone identifier to target for the resource.

### Optional

- `custom_ssl_options` (Block List, Max: 1) The certificate associated parameters. **Modifying this attribute will force creation of a new resource.** (see [below for nested schema](#nestedblock--custom_ssl_options))
- `custom_ssl_priority` (Block List) (see [below for nested schema](#nestedblock--custom_ssl_priority))

### Read-Only

- `expires_on` (String)
- `hosts` (List of String)
- `id` (String) The ID of this resource.
- `issuer` (String)
- `modified_on` (String)
- `priority` (Number)
- `signature` (String)
- `status` (String)
- `uploaded_on` (String)

<a id="nestedblock--custom_ssl_options"></a>
### Nested Schema for `custom_ssl_options`

Optional:

- `bundle_method` (String) Method of building intermediate certificate chain. A ubiquitous bundle has the highest probability of being verified everywhere, even by clients using outdated or unusual trust stores. An optimal bundle uses the shortest chain and newest intermediates. And the force bundle verifies the chain, but does not otherwise modify it. Available values: `ubiquitous`, `optimal`, `force`.
- `certificate` (String) Certificate certificate and the intermediate(s).
- `geo_restrictions` (String) Specifies the region where your private key can be held locally. Available values: `us`, `eu`, `highest_security`.
- `private_key` (String, Sensitive) Certificate's private key.
- `type` (String) Whether to enable support for legacy clients which do not include SNI in the TLS handshake. Available values: `legacy_custom`, `sni_custom`.


<a id="nestedblock--custom_ssl_priority"></a>
### Nested Schema for `custom_ssl_priority`

Optional:

- `priority` (Number)

Read-Only:

- `id` (String) The ID of this resource.

## Import

Import is supported using the following syntax:

```shell
$ terraform import cloudflare_custom_ssl.example <zone_id>/<certificate_id>
```
